mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
speedo: Add config variable for the timestamp service.
--
This commit is contained in:
parent
04cbc3074a
commit
0370678536
@ -51,10 +51,13 @@
|
|||||||
# # This is greped by the Makefile.
|
# # This is greped by the Makefile.
|
||||||
# RELEASE_ARCHIVE=foo@somehost:tarball-archive
|
# RELEASE_ARCHIVE=foo@somehost:tarball-archive
|
||||||
#
|
#
|
||||||
# # The key used to sign the released sources.
|
# # The key used to sign the GnuPG sources.
|
||||||
# # This is greped by the Makefile.
|
# # This is greped by the Makefile.
|
||||||
# RELEASE_SIGNKEY=6DAA6E64A76D2840571B4902528897B826403ADA
|
# RELEASE_SIGNKEY=6DAA6E64A76D2840571B4902528897B826403ADA
|
||||||
#
|
#
|
||||||
|
# # The key used to sign the VERSION files of some MSI installers.
|
||||||
|
# VERSION_SIGNKEY=02F38DFF731FF97CB039A1DA549E695E905BA208
|
||||||
|
#
|
||||||
# # For signing Windows binaries we need to employ a Windows machine.
|
# # For signing Windows binaries we need to employ a Windows machine.
|
||||||
# # We connect to this machine via ssh and take the connection
|
# # We connect to this machine via ssh and take the connection
|
||||||
# # parameters via .ssh/config. For example a VM could be specified
|
# # parameters via .ssh/config. For example a VM could be specified
|
||||||
@ -74,6 +77,9 @@
|
|||||||
# # This is greped by the Makefile.
|
# # This is greped by the Makefile.
|
||||||
# AUTHENTICODE_TOOL="C:\Program Files (x86)\Windows Kits\10\bin\signtool.exe"
|
# AUTHENTICODE_TOOL="C:\Program Files (x86)\Windows Kits\10\bin\signtool.exe"
|
||||||
#
|
#
|
||||||
|
# # The URL for the timestamping service
|
||||||
|
# AUTHENTICODE_TSURL=http://rfc3161timestamp.globalsign.com/advanced
|
||||||
|
#
|
||||||
# # To use osslsigncode the follwing entries are required and
|
# # To use osslsigncode the follwing entries are required and
|
||||||
# # an empty string must be given for AUTHENTICODE_SIGNHOST.
|
# # an empty string must be given for AUTHENTICODE_SIGNHOST.
|
||||||
# # They are greped by the Makefile.
|
# # They are greped by the Makefile.
|
||||||
@ -242,6 +248,7 @@ $(1) = $$(shell grep '^[[:blank:]]*$(1)[[:blank:]]*=' $$$$HOME/.gnupg-autogen.rc
|
|||||||
endef
|
endef
|
||||||
$(eval $(call READ_AUTOGEN_template,AUTHENTICODE_SIGNHOST))
|
$(eval $(call READ_AUTOGEN_template,AUTHENTICODE_SIGNHOST))
|
||||||
$(eval $(call READ_AUTOGEN_template,AUTHENTICODE_TOOL))
|
$(eval $(call READ_AUTOGEN_template,AUTHENTICODE_TOOL))
|
||||||
|
$(eval $(call READ_AUTOGEN_template,AUTHENTICODE_TSURL))
|
||||||
$(eval $(call READ_AUTOGEN_template,AUTHENTICODE_KEY))
|
$(eval $(call READ_AUTOGEN_template,AUTHENTICODE_KEY))
|
||||||
$(eval $(call READ_AUTOGEN_template,AUTHENTICODE_CERTS))
|
$(eval $(call READ_AUTOGEN_template,AUTHENTICODE_CERTS))
|
||||||
$(eval $(call READ_AUTOGEN_template,OSSLSIGNCODE))
|
$(eval $(call READ_AUTOGEN_template,OSSLSIGNCODE))
|
||||||
@ -1350,7 +1357,7 @@ define AUTHENTICODE_sign
|
|||||||
scp $(1) "$(AUTHENTICODE_SIGNHOST):a.exe" ;\
|
scp $(1) "$(AUTHENTICODE_SIGNHOST):a.exe" ;\
|
||||||
ssh "$(AUTHENTICODE_SIGNHOST)" '$(AUTHENTICODE_TOOL)' sign \
|
ssh "$(AUTHENTICODE_SIGNHOST)" '$(AUTHENTICODE_TOOL)' sign \
|
||||||
/a /n '"g10 Code GmbH"' \
|
/a /n '"g10 Code GmbH"' \
|
||||||
/tr 'http://rfc3161timestamp.globalsign.com/advanced' /td sha256 \
|
/tr '$(AUTHENTICODE_TSURL)' /td sha256 \
|
||||||
/fd sha256 /du https://gnupg.org a.exe ;\
|
/fd sha256 /du https://gnupg.org a.exe ;\
|
||||||
scp "$(AUTHENTICODE_SIGNHOST):a.exe" $(2);\
|
scp "$(AUTHENTICODE_SIGNHOST):a.exe" $(2);\
|
||||||
echo "speedo: signed file is '$(2)'" ;\
|
echo "speedo: signed file is '$(2)'" ;\
|
||||||
@ -1361,13 +1368,13 @@ define AUTHENTICODE_sign
|
|||||||
-pkcs11module $(SCUTEMODULE) \
|
-pkcs11module $(SCUTEMODULE) \
|
||||||
-certs $(AUTHENTICODE_CERTS) \
|
-certs $(AUTHENTICODE_CERTS) \
|
||||||
-h sha256 -n GnuPG -i https://gnupg.org \
|
-h sha256 -n GnuPG -i https://gnupg.org \
|
||||||
-ts http://rfc3161timestamp.globalsign.com/advanced \
|
-ts $(AUTHENTICODE_TSURL) \
|
||||||
-in $(1) -out $(2).tmp ; mv $(2).tmp $(2) ; \
|
-in $(1) -out $(2).tmp ; mv $(2).tmp $(2) ; \
|
||||||
elif [ -e "$(AUTHENTICODE_KEY)" ]; then \
|
elif [ -e "$(AUTHENTICODE_KEY)" ]; then \
|
||||||
echo "speedo: Signing using key $(AUTHENTICODE_KEY)";\
|
echo "speedo: Signing using key $(AUTHENTICODE_KEY)";\
|
||||||
osslsigncode sign -certs $(AUTHENTICODE_CERTS) \
|
osslsigncode sign -certs $(AUTHENTICODE_CERTS) \
|
||||||
-pkcs12 $(AUTHENTICODE_KEY) -askpass \
|
-pkcs12 $(AUTHENTICODE_KEY) -askpass \
|
||||||
-ts "http://timestamp.globalsign.com/scripts/timstamp.dll" \
|
-ts "$(AUTHENTICODE_TSURL)" \
|
||||||
-h sha256 -n GnuPG -i https://gnupg.org \
|
-h sha256 -n GnuPG -i https://gnupg.org \
|
||||||
-in $(1) -out $(2) ;\
|
-in $(1) -out $(2) ;\
|
||||||
else \
|
else \
|
||||||
|
Loading…
x
Reference in New Issue
Block a user